Planned Upgrade Causes Generation of Invalid Blocks

If you did not receive your bitcoins in transactions that have been confirmed before 12:00 am, 6 July 2015, your bitcoins might not be safe. A security problem has occurred where are currently creating invalid blocks. There are certain software that are able to detect invalid blocks and reject them accordingly, but there are some software that are insufficient to handle this current threat, since they are unable to detect invalid blocks. Users of this software will accordingly receive confirmations that are not real.

For some time now, increasing amounts of mining hash rates have been enforcing BIP66 strict DER signatures. According to BIP66 rules, the moment 950 of the last 1 000 (95%) version 3 (v3) blocks are reached, all upgraded miners start rejecting version 2 (v2) blocks. The 950-level was reached on 4 July 2015. Shortly following this event, a small miner, which formed part of the remaining 5%, mined an invalid block. Although the mining of invalid blocks has been anticipated, it became clear that about 50% the network hash rate was mining without fully validating blocks (referred to as SPV mining) and building new blocks on top of invalid blocks. Since approximately only half the SPV mining network indicated that they would enforce the BIP66 rules, several huge miners have forfeited over $50 000 worth of mining income to date.

Accordingly, software tasked with rejecting invalid blocks is now at risk of reflecting transactions as confirmed when they are technically not. Lightweight (SPV) wallets and certain software such as older versions of Bitcoin Core, which have been downgraded to SPV-level security by the new BIP66 consensus rules, are currently the most at risk group.

At the moment the recommended action to be taken, is to temporarily get all miners off of SPV mining and back to full validation. Bitcoin.org can accordingly reduce its current recommendation of waiting for 30 extra confirmations. Due to the fact that problems arose with regard to a scheduled update, confirmation scores received after 6 July 2015 are a great deal less reliable if you are using the following software:

Lightweight (SPV) wallet users should preferably receive an additional 30 confirmations to the amount that they usually receive;

Bitcoin Core 0.9.4 or earlier users should either upgrade to Bitcoin Core 0.10.2 or preferably receive an additional 30 confirmations to the amount that they usually receive;

Web wallet users should also preferably receive an additional 30 confirmations to the amount that they usually receive, unless you are absolutely certain that your wallet is secured by Bitcoin Core 0.9.5 or a later version;

Bitcoin Core 0.9.5 or later users are not affected by this, but it is recommended to upgrade to the 0.10.2 version since there could be a denial-of-service vulnerabilities that is not related to this particular alert.

It is important for miners who pool mine to make sure that they are part of a pool that validates blocks properly. If you find that your pool does not do this, immediately switch to a pool that does. A list containing suspected good and/or bad pools can be found The Wiki Mining Pool Comparison page. If you prefer to solo mine, switch to Bitcoin Core 0.10.2 as soon as possible.

The question at this stage is whether this problem can be solved in order for things to “go back to normal”. The answer to that is yes and no. Bitcoin Core 0.9.5, as well as its later versions, has always been able to detect whether blocks are valid or not. Bitcoin Core 0.9.4 as well as earlier versions however, does not incorporate the additional BIP66 consensus rules and will accordingly not provide the level of security that later versions of Bitcoin Core provide. It is therefore strongly recommended that you upgrade in order for you to return to full node security. Lightweight (SPV) wallets are unsafe if less than 30 confirmations have been received. This situation will remain until all the major pools have switched to full validation. Because web wallets are extremely diverse in their operation and handling of double spends, it is safer to assume that they are on the same security level as the lightweight wallets described above, unless you are absolutely certain that they use Bitcoin Core 0.9.5 or a later version for full validation.